Overview

overview

8

Static

static

8

179e9dbb62...fd.exe

windows7-x64

8

179e9dbb62...fd.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    179e9dbb62badbc9370d5944ad93957ce89ea8f45c50bd5195a52ef551e028fd

  • Size

    28KB

  • Sample

    221206-zehjwsbd82

  • MD5

    ad2c40d88f65a2cc48a726a6ee67542c

  • SHA1

    2c56ca98dbd6a565b6a6b80f949bf560f4cec3dd

  • SHA256

    179e9dbb62badbc9370d5944ad93957ce89ea8f45c50bd5195a52ef551e028fd

  • SHA512

    11b2ddd765f309df0054607e83e83380d2adef8dd03f5609363760201e40e38b2e1e60d61374a9ea8ae68c7640fb3e37ed09dbb6262e9496993761183b643054

  • SSDEEP

    384:IEbrWt9MbF8gt+nUwCNKUIY8fmBoHB2aNJawcudoD7UJFP5LkIyvEfWoidL39/bb:IEbrHKgcnpCO9nbcuyD7UzhkIZiJ9

Score
8/10
evasionupx

Malware Config

Targets

    • Target

      179e9dbb62badbc9370d5944ad93957ce89ea8f45c50bd5195a52ef551e028fd

    • Size

      28KB

    • MD5

      ad2c40d88f65a2cc48a726a6ee67542c

    • SHA1

      2c56ca98dbd6a565b6a6b80f949bf560f4cec3dd

    • SHA256

      179e9dbb62badbc9370d5944ad93957ce89ea8f45c50bd5195a52ef551e028fd

    • SHA512

      11b2ddd765f309df0054607e83e83380d2adef8dd03f5609363760201e40e38b2e1e60d61374a9ea8ae68c7640fb3e37ed09dbb6262e9496993761183b643054

    • SSDEEP

      384:IEbrWt9MbF8gt+nUwCNKUIY8fmBoHB2aNJawcudoD7UJFP5LkIyvEfWoidL39/bb:IEbrHKgcnpCO9nbcuyD7UzhkIZiJ9

    Score
    8/10
    evasionupx

    • Executes dropped EXE

    • Stops running service(s)

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks